<?php
/**
 * 用户管理
 * @author Mortimer He <mortimerhe@163.com>
 */
namespace Manage\Controller;
use Common\Library\Page;
class UserController extends CommonController{
	private $msg=array();
	private $Model;
	function _initialize(){
		parent::_initialize();
		$this->Model=M('User');
	}
	public function main(){
		$this->redirect('index');
	}
	public function index(){
		if(!$this->checkPermission('User')) $this->jump();
		$count=$this->Model->count();
		$Page=new Page($count,C('CONFIG_LIMIT_MANAGE'));
		$Page->setConfig('header',L('page_header'));
		$Page->setConfig('theme',L('page_theme'));
		$map=array();
		if($this->getUserId() != C('ADMINISTRATOR_USER_ID')) $map['user_id']=array('neq',C('ADMINISTRATOR_USER_ID'));
		$list=$this->Model->where($map)->limit($Page->firstRow,$Page->listRows)->select();
		$show=$Page->show();
		$UserGroupModel=M('UserGroup');
		foreach ($list as $k => $v) {
			$list[$k]['thumb']=image_resize($v['image'],100,100);
			$list[$k]['group']=$UserGroupModel->where(array('user_group_id'=>$v['user_group_id']))->find();
		}
		$url['p']=I('get.p','');
		$this->assign('list',$list);
		$this->assign('url',$url);
		$this->assign('page',$show);
		$this->display();
	}
	public function oper($user_id=0){
		if(!$menu_id && !$this->checkPermission('AddUser')) $this->jump();
		$map['user_id']=$user_id;
		$user=$this->Model->where($map)->find();
		if($user_id && empty($user)) $this->jump(L('error_404'));
		if(IS_POST){
			$user=I('post.');
			if($this->validateForm($user_id)){
				$user_data=$this->Model->create($user);
				if(trim($user_data['password'])==''){
					unset($user_data['password']);
				}else{
					$user_data['password']=md5(sha1(trim($user['password'])).C('DATA_AUTH_KEY'));
				}				
				if($user_id){					
					$this->Model->where($map)->save($user_data);
				}else{
					$user_data['date_added']=time();
					$this->Model->add($user_data);
				}
				session('success',$user_id?L('success_edit'):L('success_add'));
				$url['p']=I('get.p','');
				$this->redirect('index',$url);
			}else{
				if(!isset($this->msg['warning'])) $this->msg['warning']=L('error_warning');
			}
		}
		$user['placeholder']=image_resize();
		if(isset($user['image']) && is_file(C('IMAGE_DIR').$user['image'])){
			$user['thumb']=image_resize($user['image'],100,100);
		}else{
			$user['thumb']=$user['placeholder'];		
		}
		$user_group=M('UserGroup')->select();
		$this->assign('user',$user);
		$this->assign('user_group',$user_group);
		$this->assign('msg',$this->msg);
		$this->display();
	}
	//修改自己的资料
	public function self(){
		$map['user_id']=session(C('USER_AUTH_KEY'));
		$user=$this->Model->where($map)->find();
		if(IS_POST){
			$user=I('post.');
			if($this->validateSelfForm()){
				$user_data=$this->Model->create($user);
				$user_data['password']=md5(sha1(trim($user['new_password'])).C('DATA_AUTH_KEY'));
				unset($user_data['user_group_id']);
				$this->Model->where($map)->save($user_data);

				$this->redirect('Login/logout');
			}else{
				$this->msg['warning']=L('error_warning');
			}
		}
		$user['placeholder']=image_resize();
		if(isset($user['image']) && is_file(C('IMAGE_DIR').$user['image'])){
			$user['thumb']=image_resize($user['image'],100,100);
		}else{
			$user['thumb']=$user['placeholder'];
		}
		$this->assign('user',$user);
		$this->assign('msg',$this->msg);
		$this->display('self');
	}
	public function del(){
		$uids=I('post.selected');
		$map['user_id']=array('in',$uids);
		if($this->validateDelete()){
			$count->$this->Model->where($map)->delete();
			session('success',L('success_delete',array('count'=>$count)));			
		}else{
			session('danger',$this->msg['warning']);
		}
		$this->redirect('index');
	}
	//密码修改验证
	private function validateSelfForm(){
		$data=I('post.','','trim');
		if(mb_strlen($data['username'])>40 || mb_strlen($data['username'])<2){
			$this->msg['username']=L('error_username');
		}else{
			$map=array(
				'username'	=>	$data['username'],
				'user_id'	=>	array('neq',session(C('USER_AUTH_KEY')))
				);
			if($this->Model->where($map)->find()) $this->msg['username']=L('error_username_exist');
		}
		if(mb_strlen($data['nickname'])>40 || mb_strlen($data['nickname'])<2){
			$this->msg['nickname']=L('error_nickname');
		}
		if(mb_strlen(trim($data['passowrd']))>20 || mb_strlen(trim($data['password']))<6){
			$this->msg['password']=L('error_password');
		}else{

			$map=array(
				'user_id'	=>	session(C('USER_AUTH_KEY')),
				'password'	=>	md5(sha1(trim($data['password'])).C('DATA_AUTH_KEY')),
				);
			$user=$this->Model->where($map)->find();
			if(empty($user)) $this->msg['password']=L('error_login');
		}

		if(mb_strlen($data['new_password'])>20 || mb_strlen($data['new_password'])<6){
			$this->msg['new_password']=L('error_new_password');
		}else{
			if($data['new_password']!==$data['confirm_password']){
				$this->msg['confirm_password']=L('error_confirm_password');
			}
		}
		return !$this->msg;
	}
	//新增/修改用户验证
	private function validateForm($user_id=0){
		if($user_id && !$this->checkPermission('EditUser')){
			$this->msg['warning']=L('error_not_permission');
			return !$this->msg;
		}
		$data=I('post.','','trim');
		if(mb_strlen($data['username'])>40 || mb_strlen($data['username'])<2){
			$this->msg['username']=L('error_username');
		}else{
			$map=array(
				'username'	=>	$data['username'],
				'user_id'	=>	array('neq',$user_id)
				);
			if($this->Model->where($map)->find()) $this->msg['username']=L('error_username_exist');
		}
		if(mb_strlen($data['nickname'])>40 || mb_strlen($data['nickname'])<2){
			$this->msg['nickname']=L('error_nickname');
		}
		if(!is_email($data['email'])){
			$this->msg['email']=L('error_email');
		}else{
			$map=array(
				'user_id'	=>	array('neq',$user_id),
				'email'		=>	$data['email']
				);
			if(!empty($this->Model->where($map)->find())) $this->msg['email']=L('error_email_exist');
		}
		if(!$user_id){
			if(mb_strlen($data['passowrd'])>20 || mb_strlen($data['password'])<6){
				$this->msg['password']=L('error_password');
			}
			if(trim($data['password'])!==trim($data['confirm_password'])){
				$this->msg['confirm_password']=L('error_confirm');
			}
		}else{
			if(trim($data['password']) !='' && (mb_strlen($data['passowrd'])>20 || mb_strlen($data['password'])<6)){
				$this->msg['password']=L('error_password');
			}
			if(trim($data['password']) !='' && (trim($data['password'])!==trim($data['confirm_password']))){
				$this->msg['confirm_password']=L('error_confirm');
			}
		}
		return !$this->msg;
	}
	//删除用户验证
	private function validateDelete(){
		if($this->checkPermission('DeleteUser')){
			$ids=I('post.selected');
			if(in_array(session(C('USER_AUTH_KEY')),$ids)){
				$this->msg['warning']=L('error_delete_list_has_self');
			}
		}else{
			$this->msg['warning']=L('error_not_permission');
		}
		return !$this->msg;
	}
}